using windows debugger to view a memory location written to in C?

Question

I have Turbo C and windows debug running in dosbox

I have this C program, it has two main lines, as you can see. int a=5 and then a line to show the address of a, printf("address of a=%x",&a)

I run it

It seems to tell me that a has been allocated the address of fff4

Now I want to use debug to hopefully see the value of 5 at that memory address

But it is not showing

How can I see it in debug?

Once your program exits then any temporary changes to memory are effectively gone. You need to debug *while your program is running* - set a breakpoint in the program and then examine memory while it's halted at the breakpoint. — Paul R, Oct 06 '15 at 06:01
@PaulR , rohan, So is it possible to write a C program that writes to RAM in a non temporary way? — barlop, Oct 06 '15 at 06:05
@barlop: in some embedded environments you might be able to, but in general no - RAM is temporary, and in most modern operating systems it's virtual memory space anyway, so once your process is gone then the addresses and memory contents have no meaning. — Paul R, Oct 06 '15 at 06:08
Can you give us a little bit more details why you want to do this ? What is your goal ? In a real dos 16 bit environment - which you are targetting with turbo c - you could write to memory outside of your process and have this change survive the exit of your program. — Marged, Oct 06 '15 at 06:27
@Marged my goal is to play with debug and C and see memory. I suppose I will see if I can get it all running off an emulated thing and update my question if it still fails — barlop, Oct 06 '15 at 06:42
Then use a dos VM and run a program in it which writes to for example the video memory. Then you will be able to persist data which stays there until you reboot — Marged, Oct 06 '15 at 06:45
@barlop - On a meta level: The demand for debugging skills on 16-bit DOS isn't that great anymore. I haven't use mine since the 1980's. Perhaps you should consider something else to study? And use a tool from this millennium? — Bo Persson, Oct 06 '15 at 09:30
@Marged I have a VM with DOS 6.22 What lines of C/C++ would write to a specific memory location? (If that's a big question, i'll write a new question for it) — barlop, Oct 06 '15 at 11:50

rkhb · Accepted Answer · 2015-10-06T08:22:28.897

1

This is my DEBUG's output of the compiled main function:

16E1:01FA 55            PUSH    BP                                 
16E1:01FB 8BEC          MOV BP,SP                              
16E1:01FD 83EC02        SUB SP,+02                             
16E1:0200 C746FE0500    MOV WORD PTR [BP-02],0005              
16E1:0205 8D46FE        LEA AX,[BP-02]                         
16E1:0208 50            PUSH    AX                                 
16E1:0209 B89401        MOV AX,0194                            
16E1:020C 50            PUSH    AX                                 
16E1:020D E8AA06        CALL    08BA                               
16E1:0210 59            POP CX                                 
16E1:0211 59            POP CX                                 
16E1:0212 8BE5          MOV SP,BP                              
16E1:0214 5D            POP BP                                 
16E1:0215 C3            RET

int a=5; is a local variable inside the function main which is stored on the stack (MOV WORD PTR [BP-02],0005). A value on the stack is lost, when you leave the function (RET). You cannot see it outside the running program.

Your plan can go well, if you

Initialize a global variable and
produce a tiny .com program.

simplepr.c:

#include <stdio.h>

int a=5;

void main()
{
    printf ("address of a=%x",&a);
}

Compile:

TCC.EXE -mt -lt simplepr.c

DEBUG session:

n simplepr.com
l
g         -> address of a=125c (example)
d 125c    -> or what the address is

edited Oct 06 '15 at 08:22

answered Oct 06 '15 at 07:51

rkhb

14,159
7
32
60

thanks, that looks fascinating, i'd like to try it.. I have DOS 6.22 in a VM in virtualbox, and I have debug and my EXE.. How did you get the assembly instructions of the EXE(that you show at the beginning of your answer)? – barlop Oct 06 '15 at 11:53
@barlop. In DEBUG the command 'u'. I used Turbo Debugger to get the address of "_main". – rkhb Oct 06 '15 at 12:55
I can't quite get there http://i.stack.imgur.com/Q0jDA.png I can't get it outputting a memory location, and if you can include the turbo debugger command to get the address of _main then even better. – barlop Oct 06 '15 at 13:29
@barlop: '**d** 1562' like "**d**ump"! 'g' is "go" and '?' is "help" ;-) The explanation with Turbo Debugger is a little bit complicated. Have you installed Turbo Debugger and which version? – rkhb Oct 06 '15 at 13:32
I see it , when int a=5, the 5 is there http://i.imgur.com/X0bdtxh.png and http://i.imgur.com/PL66kGc.png thanks – barlop Oct 06 '15 at 13:45
@barlop: The dump begins at a paragraph boundary (1560). Because you want to see it from 1562 the first two places (1560, 1561) are blank. Then you see your int (16 bits = 2 bytes, little endian) '05 00'. After that is the format string of `printf` which is also stored in the global area. – rkhb Oct 06 '15 at 13:49
Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/91497/discussion-between-barlop-and-rkhb). – barlop Oct 06 '15 at 13:52

using windows debugger to view a memory location written to in C?

1 Answers1